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WIM manufacturer certificate 



Background of the Invention 



The present invention relates; 
cryptography, particularly 
application protocol identity mcbdule 



to a security method using asymmetric key 
altHough not exclusively for use with a wireless 



only 



certifies te 



Asymmetric or public-key 
private key to which a user 
published or distributed on 
communicate with the user, 
user will first obtain a 
obtained from a certification 
encrypt a message using the 
the user using his private key 
communicate using their own 
private keys. However, in 
data is such that it is rarely su 
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cryptography, as is now well known, utilises a 
has access and a public key, which may be 
request for the use of those wishing to 
A third party wishing to communicate with the 
bearing the user's public key, which may be 
authority (CA). The third party is then able to 
user's public key for subsequent decryption by 
The approach means that a pair of users can 
key pairs without ever having to exchange their 
prabtice the computational effort required to encrypt 
table for large messages. 



However, the technique is suitable for authentication , non-repudiation and 
integrity services. As such, the technique is particularly suited and has been 
adopted for use in the Wire ess Application Protocol (WAP), for example. 
WAP is an industry-wide spec ification for developing applications that operate 
over wireless communication networks. For reference purposes, the WAP 
specifications are published by the Wireless Application Protocol Forum Ltd. 
and presently available at http://www.wapforum.org. 
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authentication 



The requirement for 
one which is particularly 
Financial Service Providers 
services have been purchasec 
cheques, credit and charge 
with the opportunity to assess 
In the case of notes this may 
visual inspection of the 
In the case of telephone 
purchase, the assessment 
stop list. However, with the 
opportunity for cashless 
communication terminal such 
of assessing a transaction 
checks. Thus, it has been 
assist in such transactions 
provide WAP client 
been found necessary to uti 
known as a WAP identity 
and process information 
Typically, a WIM might be i 
mobile telephone, the WIM 
(SIM) card or perhaps an 



relevant 



curds 



hologram 



may 



transactions 



authentication 



moc ule 



to 



guard 



Nevertheless, there remains 
forgery and fraud in relation 
of the present invention to 
manufacture of a WIM. It is a 
method of establishing confidence 
according to a range of techn ques. 



, non-repudiation and integrity services is 
to the needs of e-commerce and in particular 
FSPs) e.g. banks. Traditionally, goods and 
using physical objects whether coinage, notes, 
and the like. This has provided the vendor 
whether the payment is genuine. For example, 
take the form of the feel of the paper whilst a 
and signature on a credit card may suffice, 
payment using a credit card, or indeed a store 
include checking the card number against a 
advent of e-commerce and in particular the 
based on data held in an individual 
as a mobile telephone, there exists the problem 
wnere the parties are unable to carry out physical 
proposed to utilise the technique set out above to 
b provide security for the private keys used to 
, electronic signatures and the like, it has 
ise a tamper-resistant device. This device is 
(WIM). The WIM is used especially to store 
for user identification and authentication, 
injiplemented as a smart card. In the case of a 
c4>uld form part of the Subscriber Identity Module 
external smart card. 



nee ded 



significant further problem of security, namely 
the manufacture of the WIM itself. It is an aim 
against forgery and fraud in relation to the 
further aim of the present invention to provide a 
in the security of a WIM manufactured 
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Summary of the Invention 



aspect 



Thus, according to a first 
tamper evident wireless 
stored thereon a publiopriv£t< 
wherein the manufacturer 
relating to said key pair, the 
key. 



of the present invention, there is provided a 
application protocol identity module (WIM) including 
e key pair and a manufacturer certificate, 
certificate contains a set of fields holding data 
certificate being signed using a further private 



Preferably the manufacturer 
private key although in circumstances 
user prior to the creation of a 
an initial management certificate 
management private key in 
applied to the manufacturer certificate 



According to another aspect 
method of manufacturing a 
identity module (WIM) including 
on said module together with 
private key. 




certificate is signed using the manufacturer's 
where the module is distributed to a 
nanufacturer certificate, it is necessary to store 
and associated signature using an initial 
to provide means for validating the signature 



of the present invention, there is provided a 
tamper-evident wireless application protocol 
the steps of storing a public-private key pair 
manufacturer certificate signed using a further 



Again, the manufacturer certificate is preferably signed using the 
25 manufacturer's private key although in circumstances where the module is 
distributed to a user prior to the creation of a manufacturer certificate, it will be 
necessary to include the ft rther step of storing an initial management 
certificate and associated sigr ature using an initial management private key in 
order to provide means for validating the signature applied to the 
30 manufacturer certificate. 
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aspect 



In accordance with a further 
a method of validating a tamp 
module (WIM) on which is stored 
with a manufacturer certificate 
including the step of querying 
certificate with which to verify 
key. 



Where the certificate is gen 
necessary to query both the 
and the manufacturer's private 
part of a public-private key 
management key-pair whose 
manufacturer's private key 



In accordance with a still 
method of validating the iden 
transactions on a network 
terminal connected to the 
key of a public-private key 
authenticity of a certificate 
public key and subsequently 
which certificate is available 
network. 



service 



Preferably, the network 
the manufacturer certificate, 
stored on a tamperproof moc 
Identity Module (SIM) located 



of the present invention, there is provided 
er-evident wireless application protocol identity 
at least one public-private key pair together 
signed using a further private key, the method 
a public directory to obtain a public key 
the signature generated by the further private 



srated after distribution to a user, it will be 
Signature generated by the further private key, 
key. In this case, the further private key is one 
created by the manufacturer as an initial 
corresponding certificate is signed using the 



further aspect of the invention, there is provided a 
ity of a communication terminal for conducting 
comprising establishing the identity of a user of the 
network, interrogating the terminal to obtain a public 
pair stored on the terminal, confirming the 
signed by the module manufacturer supporting the 
issuing a further certificate for the public key 
t$ support transactions with the terminal over the 



provider may carry out the authentication of 
Advantageously, at least the private key is 
ule which may be integrated with a Subscriber 
in the terminal. 
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In accordance with yet another 
communications device havihg 
supporting security operations 
and further including a manufacturer 
module, wherein the manufadtu 
data relating to a public-private 
the private key being storec 
being signed using a further private 



Whilst, in accordance with e 
provided a method of satisfying 
an identity module for use in 
approving a manufacturing p 
the manufacturer store a 
manufacturer on a module 
process, wherein on connection 
module, the signature is verifi 



20 Brief Description of the Drawhgs 



In order to aid in 
embodiments thereof will now 
reference to the accompanying 



Figure 1a is a table illustrating 
generated in accordance with 
Figure 1b is a table illustrati 
contents of the manufacturer 



aspect of the invention, there is provided a 
stored thereon a plurality of certificates 
including authentication and non-repudiation, 
certificate stored on a tamper evident 
rer certificate contains a set of fields holding 
key pair for application layer security, at least 
on said module, the manufacturer certificate 
key. 



still further aspect of the invention, there is 
an identity module issuer of the provenance of 
transactions on a network comprises the issuer 
ocess of the module manufacturer and having 
manufacturer certificate signed securely by the 
produced in accordance with the approved 
to the network of a terminal containing a 
3d to determine whether it is the manufacturer's. 



understanding the present invention, a number of 
be described by way of example and with 
drawings, in which: 



the contents of a manufacturer certificate 
the method of the present invention; 
ng the key usage indicators forming part of the 
certificate of Figure 1a; 



800 *d 



080S98 l$Z\ m=xvj 



m SlN31Vd dHN Ll'll (Q3M)00.'NnP-H 




SI 

ni 



10 



15 



20 



25 



30 



P99415US 14/G6/00 09:26 

Figure 2 is a flowchart of the 
manufacturer certificate of Figure 
invention; 

Figure 3 is a flowchart of the 
manufacturer certificate of Figure 
invention; and 

Figure 4 is a flowchart of the 
manufacturer certificate of Figure 
invention. 



teps involved in creating a WIM containing the 
1 according to a first embodiment of the 

^teps involved in creating a WIM containing the 
1 according to a second embodiment of the 

^teps involved in creating a WIM containing the 
1 according to a third embodiment of the 



Detailed Description of the Invention 



Referring firstly to Figure 1a 
Application Protocol (WAP) Idlentity 
that is made up of a number o 
by reference to a serial number 
last dates of the validity of the 
pair covered by the certificate 



In addition to storing the 
further certificates to be used 
and Transport Layer Security 
Secure Multi-purpose 
Furthermore, the WIM mai 
certificates to enable verificat 
applications, for example. Su 
or at a later time by the 
insufficient or unavailable, ra 
module, they may be found 
(URL) stored on the WIM. 




the table shows the contents of a Wireless 
Module (WIM) manufacturer certificate 1 
fields 2 which serve to identify the certificate 1 
3, the issuer or manufacturer 4, the first and 
certificate 5,6, the nature of a private-public key 
and finally the public key itself 8. 



manufacturer certificate 1 f the WIM may also store 
for example, in Secure Sockets Layer (SSL), 
(TLS) client authentication and also for signing 
Internet Mail Extensions (S/MIME) messages, 
store trusted Certification Authority (CA) 
on of SSL, TLS servers and downloaded Java 
h certificates may be stored by the WIM issuer 
. Where the available space on the WIM is 
her than storing the further certificates on the 
jy reference to a Universal Resource Location 



600 'd 



080S98 ZSl\ frfr+=XVd 



m SlN31Vd dWN Ll'U (Q3M100 , W-M 




o 



m 



10 



15 



20 



25 



30 



P99415US 14/06/00 09:26 



Figure 1b further defines the 
be put. Thus a key pair may 
the intrinsic feature of 
repudiate a previously 
systems, the user has the sol^ 
key pair may be used in the 
the authentication of 
wireless transport layer specifi 
used in a key agreement 1 1 
scheme. Finally, a key pair 
key that is needed when an 
such as a mobile telephone 
a public key that correspond 
sends the wrapped key to the 
key and returns the unwrapped 
used to decipher the attached 



asymmetric 



authenticated 



documents 



used 



c£ n 



Referring now to Figure 2, 
in one embodiment of the 
certificate 1 is created during 
user. Firstly, a key pair is 
on a WIM, which may be 
communications terminal such 
smartcard for use with such 
outside the WIM must then 
containing the information 
the WIM and signed 17 
saved 18 onto the WIM. In 
rather than save the 




types of use to which a particular key pair may 
>e used in non-repudation 9 by which is meant 
cryptography of a user being unable to 
message because, unlike private key 
responsibility for protecting his private-key. A 
generation of a digital signature 1 0 which permits 
and handshakes such as used in the 
Dation (WTLS) of WAP. A key pair may also be 
to negotiate a secret, using a Diffie-Hellrnan 
be used for decryption or unwrapping 12 of a 
application installed in a communication terminal 
handset receives a message key enciphered with 
to a private key in the WIM- The application 
WIM. The WIM deciphers it using the private 
key to the application so that it can then be 
message. 



the| flowchart sets out the steps according to which, 
invention, a WIM containing a manufacturer 
the manufacture of a WIM prior to supply to a 
generated 13 outside the WIM and then saved 14 
integrated with a SIM card for use with a 
as a mobile telephone handset or as dedicated 
a terminal. Any record of the key pair existing 
be deleted 15. A manufacturer certificate 
described above is then created 16 externally of 
usirjg the manufacturer's private key before being 
a non-illustrated variant of the above method, 
manufacturer certificate directly onto the WIM, a URL 
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address pointing to the location 
thereby reducing the memory 
recognise that in the above-described 
support either the creation of 
certificate. 



tho 



With reference to Figure 3, 
during the manufacture of a W 
the WIM is provided with the 
pair internally 17 and then to 
external generation 19 of a 
the manufacturer's private 
then saved 21 onto the WIM 
save the manufacturer 
pointing to the location of the 
reducing the memory re 
generated within the WIM 



key 



on 



Finally, with respect to Figufe 
generation of a manufacturer 
user. In this method , it 
management key pair outside 
with a corresponding initial 
manufacturer's private key f 
provide only limited functionality 
certify a key pair generated 
any of the functionality 
may then be distributed to a 
perhaps more usefully following 
over the air Push (OTA-I 



ty 



described 



-Pu;;h) 




8 

of the certificate may be stored on the WIM 
requirement of the WIM. It is important to 
method there is no need for the WIM to 
a key pair or the creation of a manufacturer 



WIM manufacturer certificate is again created 
IM before supply to a user. In this embodiment 
functionality necessary to allow it to create a key 
permit the public key to be accessed 18 for the 
manufacturer certificate which is signed 20 using 
The manufacturer certificate (Figure 1a) is 
although in a non-illustrated variant rather than 
certificate directly onto the WIM, a URL address 
certificate may be stored on the WIM thereby 
quirer^ent of the WIM. The fact that the key pair is 
the security of the method. 



enh ances 



4, this embodiment relates to the internal 
certificate by a WIM once in the possession of a 
s necessary first to generate 22 an initial 
the WIM and to save 23 this key pair, together 
management certificate signed 24 using the 
the WIM. The initial management key pair will 
inasmuch as it can only be used merely to 
the WIM and thus is not capable of providing 
above in relation to Figure 1b. The WIM 
i^ser whereupon the user issues an instruction or 
receipt of an external instruction, such as an 
, the WIM creates 25 a key pair internally, 
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following which the WIM 
certificate signed 27 using the 
external party to be satisfied 
signed in this manner it will be 
set out below and applicable 
party also to validate the initilal 
manufacturer's private key as 



9 

generates 26 a corresponding manufacturer 
initial management private key. Clearly, for an 
of the legitimacy of a manufacturer certificate 
necessary, in addition to the validation process 
to all the embodiments set out herein, for that 
management certificate signed 24 using the 
set out below. 



Thus, following the manufactt 
necessary to validate the 
transactions by the 
Authority, namely the FSP 
depends, must first be 
manufacturer with whom has 
which meet the requirements 



thsit 



assured 



to 



Most conveniently, the 
validating a new user to a 
trusted relationship. As th€ 
contained forms part of a 
provider as the RA. Thus 
make a call to the RA during 
private key stored in the W 
confirmed by the RA in a 
personal data e.g. mother's 
also authenticates the manu 
containing the WIM public 
manufacturer public key from 
the FSP. Assuming the digital 
not revoked or suspended 




ring processes set out above, in each case it is 
before it can be utilised in commercial 
communications device. Hence, the Certification 
issues the WIM, i.e. on whose funds the user 
that the WIM has been produced by a 
previously been agreed production processes 
of the FSP to counter fraud, forgery and the like. 



Certification Authority may delegate the task of 
registration Authority (RA) with which it has a 
communication device in which the WIM is 
netWork, the CA may delegate the network service 
permit commercial transactions, the user will 
which the WIM public key 8 associated with the 
M is extracted and the identity of the user is 
known manner such as through an enquiry for 
njiaiden name or a single use password. The RA 
acturer signature on the certificate (Figure 1a) 
key 8. Accordingly, the RA obtains the 
a further certificate signed by a CA, in this case 
signature can be authenticated i.e. the CA has 
Certificate covering the manufacturer public 
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10 



key, then the RA can issue a certificate for the WIM public key 8. This public- 
key certificate is then placed in a repository where it is available to the public 
for use in supporting commercial transactions. 



Clearly, should the validation 
possibly a forgery. Furthermjore 
withdrawn support from the m 
the RA f through suspending c 
manufacturer public key, to provent 
for the CA withdrawing suppor: 
in the security protocols at the 
of the manufacturer was origin ally 



It will be clear from the above 
undertaken by the CA itself, 
provider has easy access to 
of validation. Also, through 
transfer of International Mob 
Mobile Subscriber Identity 
revealing the nature of the 
information can prove useful 
device to deal with different tra 



process fail then it will be known that the WIM is 
r where, for whatever reason the CA has 
anufacturer it will be necessary only to inform 
r revoking the relevant certificate covering the 
validation of the WIM. A possible reason 
for a manufacturer could include a breakdown 
manufacturing location on which the approval 
based. 



Ihat all the steps carried out by the RA could be 
However, the fact that the network service 
the communication device simplifies the process 
tjhe usual network processes, for example the 
le Subscriber Identity (IMSI) and Temporary 
(TMSI) Codes, the network provides the benefit of 
device in which the WIM is installed. This 
o the FSP in determining the capability of the 
nsactional services. 



It will be recognised in rela 
manufacturer certificate on th«> 
can provide confidence to a 
associated with that 
placed on the WIM. Such 
CA can identify the 
integrity of their key pair 



ion to the foregoing that the existence of a 
WIM or an address at which it might be found 
Certification Authority (CA) that the key pair 
manufacturer certificate (Figure 1a) has been securely 
cohfidence will, of course, stem from the fact that 
manufacturer of the WIM and, hopefully, be assured of the 
generation. Clearly, once the CA is confident of the 
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for 



integrity of the key pair it is 
identity of the WIM user 
communicate with said user. 
CA will verify the 
containing the manufacturer^ 
used to verify the manu 
manufacturer may well have 
may have a top CA for 
pairs. A top CA used by a 
third party CA that also 
hierarchy of certification 
certificates of different manufacturers 

What i s claim ed-te 



11 

n a position to issue a certificate certifying the 
the subsequent use of those wishing to 
As has been stated previously, in practice, the 
manufacturer certificate by firstly accessing a certificate 
own public key. This public key can then be 
acturer certificate itself. Furthermore, the 
single CA certificate to certify all key pairs, or it 
certification of intermediate CAs that certify actual key 
particular manufacturer may itself be certified by a 
the top CA of other manufacturers. Such a 
facilitates the secure distribution of the top CA 



a 



certii ies 
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